Re: mod_ssl / ssl_engine_ocsp.c customizations

[Joe Orton <jo...@redhat.com>]

On Fri, Jun 26, 2009 at 03:55:27PM +0200, Natanael Mignon - michael-wessel.de wrote:
> I am currently working on - dirty, please have mercy - customizations 
> of mod_ssl and especially OCSP-handling for a specific project (on 
> basis of Apache 2.3 code). As I am neither a seasoned C-coder nor 
> familiar with OpenSSL libraries, I am having problems extracting the 
> issuer name from an X.509 cert into a usable string format.
> 
> What I need to do:
> 
> 
> ·         Write my own "static const char *extract_responder_uri()"
> 
> ·         Don't read responder uri from certificate, but from a file

This could be done by making mod_ssl run an optional external hook to 
retrieve a responder URI given a certificate.  I will try to find time 
to add such a hook, or patches are welcome ;)

> how to get a char* or some string from an X509_NAME?

This kind of question is better off asked in openssl-users@openssl.org - 
you can see lots of examples of how to do it in mod_ssl's 
ssl_engine_vars.c however.

Regards, Joe